May 17, 2019 | Fernando Martinez

Adversary simulation with USM Anywhere

By Fernando Martinez and Javier Ruiz of AT&T Alien Labs. In our previous blog, we analyzed how it is possible to map malware threats using the MITRE ATT&CK™ framework. In this blog, we will test the USM Anywhere platform against red team techniques and adversary simulations. We performed this analysis as part of our continuous…

May 15, 2019 | Karoline Gore

Critical Cyber Security features that your business needs to survive

Recent statistics show that 60% of businesses are forced to suspend operations after a cyber-attack are never able to reopen for business. This is largely due to revenue lost due to downtime as well as damage to the company’s reputation. The good news is that most of these threats can be mitigated with reliable cybersecurity. When…

Get the latest security news in your inbox.

Subscribe via Email

May 14, 2019 | Kate Brew

Confidence: the perception and reality of cybersecurity threats

At RSA 2019, we conducted a survey that netted 733 respondents along with interviews between Javvad Malik, former security advocate at AT&T Cybersecurity, and security experts. The full results are in his comprehensive and informative research report. Following are a few highlights: Internal threats Phishing is the clear “winner” here. At 29%, nearly a third cited phishing as the…

May 10, 2019 | Chris Doman

Sharepoint vulnerability exploited in the wild

AT&T Alien Labs has seen a number of reports of active exploitation of a vulnerability in Microsoft Sharepoint (CVE-2019-0604). One report by the Saudi Cyber Security Centre appears to be primarily targeted at organisations within the kingdom. An earlier report by the Canadian Cyber Security Centre identified similar deployment of the tiny China Chopper web-shell to gain…

May 8, 2019 | Kelley Bryant

The art of pushing left in application security

Today, software is being developed at a breakneck speed. Agile development and the aggressive adoption of DevOps is leading to an abundance of functionality and feature sets, or pieces of code pushed out to consumers at a record pace.  These one-click opportunities may indeed get us what we want, however, the game remains the same. The Achilles Heel is…

May 7, 2019 | Javvad Malik

What does the CISO say? A Tweetchat roundup

Note from the editor: Javvad has left AT&T Cybersecurity, but on his last day he penned a final blog, recapping the awesome tweet chat we had with all star CISO's. Here is Javvad's heroic working-the-last-day blog: On 18th April 2019, @ATTCyber gathered a panel of CISOs (and recovering CISOs) for a tweetchat to discuss some of the…

May 6, 2019 | Bob Covello

Don’t focus 100% on security

In recent months, I have met many people who are interested in working in Cybersecurity.  This is wonderful, especially given the amount of available employment opportunities in this field. Like any ambitious person, the people who approach me to ask about getting into the field want to fully immerse themselves in “all things security”.  This is…

May 2, 2019 | James Quinn

Reversing Gh0stRAT part 2: the DDOS-ening

This is a guest post James Quinn, a SOC analyst from Binary Defense. In Part 1 of the Reversing Gh0stRAT series, we talked about a partial Gh0stRAT variant which used an encryption algorithm to hide its traffic.  In part 2, we will be talking about a much more complete Gh0stRAT sample which allows a hacker to take total…

May 1, 2019 | Tawnya Lancaster

Who’s phishing in your cloud? And, some suggestions for detecting it

An example of how to detect platform or service attacks Oh, the places we go . . . with apps in the cloud.   A comprehensive, six-month study released by Proofpoint, in March reports that (oh, to our surprise), attackers are “leveraging legacy protocols and credential dumps to increase the speed and effectiveness of brute …

April 30, 2019 | Katia Dean

What everybody ought to know about mentoring in InfoSec

It seems like everyone wants to get into the field of cyber security. Regarding this, having a mentor is important for your cyber career. A mentor is known to be knowledgeable in the field, will guide you along your path providing direction from what they have learned and motivate you throughout your career. When I set out on this path,…

April 29, 2019 | Kim Crawley

How to create a security culture in your company in 2019

Cybersecurity isn’t just about the computer hardware, software, and networking technicalities that it pertains to. It is also about how human beings behave with computer technology–and what sort of cyber risks that behavior can create. Culture influences behavior, and the security culture of your company can have an immense effect on your cybersecurity. I’ll explain why. What…

April 26, 2019 | Javvad Malik

Things I hearted this week 26th April 2019

Hello and welcome to a very special edition of things I hearted this week as this may be the last time you’ll read this column here on the AlienVault (AT&T Cybersecurity) blog. And I’ve probably already said too much. Onwards with the things I hearted. How to help dissidents with technology? “Lift all…

Watch a Demo ›
Get Price Free Trial